Biblio

The Internet of Things is a developing technology that converts physical objects into virtual objects connected to the internet using wired and wireless network architecture. Use of cross-layer techniques in the internet of things is primarily driven by the high heterogeneity of hardware and software capabilities. Although traditional layered architecture has been effective for a while, cross-layer protocols have the potential to greatly improve a number of wireless network characteristics, including bandwidth and energy usage. Also, one of the main concerns with the internet of things is security, and machine learning (ML) techniques are thought to be the most cuttingedge and viable approach. This has led to a plethora of new research directions for tackling IoT's growing security issues. In the proposed study, a number of cross-layer approaches based on machine learning techniques that have been offered in the past to address issues and challenges brought on by the variety of IoT are in-depth examined. Additionally, the main issues are mentioned and analyzed, including those related to scalability, interoperability, security, privacy, mobility, and energy utilization.

Security of Internet of Things (IoT) is one of the most prevalent crucial challenges ever since. The diversified devices and their specification along with resource constrained protocols made it more complex to address over all security need of IoT. Denial of Service attacks, being the most powerful and frequent attacks on IoT have been considered so forth. However, the attack happens on multiple layers and thus a single detection technique for each layer is not sufficient and effective to combat these attacks. Current study focuses on cross layer intrusion detection system (IDS) for detection of multiple Denial of Service (DoS) attacks. Presently, two attacks at Transmission Control Protocol (TCP) and Routing Protocol are considered for Low power and Lossy Networks (RPL) and a neural network-based IDS approach has been proposed for the detection of such attacks. The attacks are simulated on NetSim and detection and the performance shows up to 80% detection probabilities.

With the intelligent development of power system, due to the double-layer structure of smart grid and the characteristics of failure propagation across layers, the attack path also changes significantly: from single-layer to multi-layer and from static to dynamic. In response to the shortcomings of the single-layer attack path of traditional attack path identification methods, this paper proposes the idea of cross-layer attack, which integrates the threat propagation mechanism of the information layer and the failure propagation mechanism of the physical layer to establish a forward-backward bi-directional detection model. The model is mainly used to predict possible cross-layer attack paths and evaluate their path generation probabilities to provide theoretical guidance and technical support for defenders. The experimental results show that the method proposed in this paper can well identify the dynamic cross-layer attacks in the smart grid.

Due to the rapid development of cyber-physical systems, there are more and more security problems. The purpose of this work is to develop the concept of a knowledge base in the field of security of cyber-physical systems based on an ontological approach. To create the concept of a knowledge base, it was necessary to consider the system of a cyber-physical system and highlight its structural parts. As a result, the main concepts of the security of a cyber-physical system were identified and the concept of a knowledge base was drawn up, which in the future will help to analyze potential threats to cyber-physical systems.

The modern networking world is being exposed to many risks more frequently every day. Most of systems strongly rely on remaining anonymous throughout the whole endpoint exploitation process. Covert channels represent risk since they ex-ploit legitimate communications and network protocols to evade typical filtering. This firewall avoidance sees covert channels frequently used for malicious communication of intruders with systems they compromised, and thus a real threat to network security. While there are commercial tools to safeguard computer networks, novel applications such as automotive connectivity and V2X present new challenges. This paper focuses on the analysis of the recent ways of using covert channels and detecting them, but also on the state-of-the-art possibilities of protection against them. We investigate observing the timing covert channels behavior simulated via injected ICMP traffic into standard network communications. Most importantly, we concentrate on enhancing firewall with detection and prevention of such attack built-in features. The main contribution of the paper is design for detection timing covert channel threats utilizing detection methods based on statistical analysis. These detection methods are combined and implemented in one program as a simple host-based intrusion detection system (HIDS). As a result, the proposed design can analyze and detect timing covert channels, with the addition of taking preventive measures to block any future attempts to breach the security of an end device.

As the IPv6 protocol has been rapidly developed and applied, the security of IPv6 networks has become the focus of academic and industrial attention. Despite the fact that the IPv6 protocol is designed with security in mind, due to insufficient defense measures of current firewalls and intrusion detection systems for IPv6 networks, the construction of covert channels using fields not defined or reserved in IPv6 protocols may compromise the information systems. By discussing the possibility of constructing storage covert channels within IPv6 protocol fields, 10 types of IPv6 covert channels are constructed with undefined and reserved fields, including the flow label field, the traffic class field of IPv6 header, the reserved fields of IPv6 extension headers and the code field of ICMPv6 header. An IPv6 covert channel detection method based on field matching (CC-Guard) is proposed, and a typical IPv6 network environment is built for testing. In comparison with existing detection tools, the experimental results show that the CC-Guard not only can detect more covert channels consisting of IPv6 extension headers and ICMPv6 headers, but also achieves real-time detection with a lower detection overhead.

The traditional ciphertext-policy attribute-based encryption (CP-ABE) has the problems of poor security of key distribution by a single attribute authorization center and too much calculation on the client in the process of encryption and decryption. A CP-ABE scheme that can outsource encryption and decryption and support multi-authorization centers is introduced to solve the above two problems. In the key generation stage, the user's private key is generated by the attribute authorization center and the key generation center jointly executing the two-party secure computing protocol; In the encryption and decryption stage, the cloud encryption server and cloud storage server are used to handle most of the computing work. Security proof and performance analysis show that the scheme not only can effectively make up for the defect of all key leakage when the attribute authorization center is broken, but also can enhance the security of the system; Moreover, after using the cloud server to process data, users only need to perform a simple calculation on the client to complete encryption or decryption, thus reducing the user's computing workload.

Cloud computing is a unified management and scheduling model of computing resources. To satisfy multiple resource requirements for various application, edge computing has been proposed. One challenge of edge computing is cross-domain data security sharing problem. Ciphertext policy attribute-based encryption (CP-ABE) is an effective way to ensure data security sharing. However, many existing schemes focus on could computing, and do not consider the features of edge computing. In order to address this issue, we propose a cross-domain data security sharing approach for edge computing based on CP-ABE. Besides data user attributes, we also consider access control from edge nodes to user data. Our scheme first calculates public-secret key peer of each edge node based on its attributes, and then uses it to encrypt secret key of data ciphertext to ensure data security. In addition, our scheme can add non-user access control attributes such as time, location, frequency according to the different demands. In this paper we take time as example. Finally, the simulation experiments and analysis exhibit the feasibility and effectiveness of our approach.

The SPECTRE family of speculative execution attacks has required a rethinking of formal methods for security. Approaches based on operational speculative semantics have made initial inroads towards finding vulnerable code and validating defenses. However, with each new attack grows the amount of microarchitectural detail that has to be integrated into the underlying semantics. We propose an alternative, lightweight and axiomatic approach to specifying speculative semantics that relies on insights from memory models for concurrency. We use the CAT modeling language for memory consistency to specify execution models that capture speculative control flow, store-to-load forwarding, predictive store forwarding, and memory ordering machine clears. We present a bounded model checking framework parameterized by our speculative CAT models and evaluate its implementation against the state of the art. Due to the axiomatic approach, our models can be rapidly extended to allow our framework to detect new types of attacks and validate defenses against them.

Concurrency vulnerabilities caused by synchronization problems will occur in the execution of multi-threaded programs, and the emergence of concurrency vulnerabilities often cause great threats to the system. Once the concurrency vulnerabilities are exploited, the system will suffer various attacks, seriously affecting its availability, confidentiality and security. In this paper, we extract 839 concurrency vulnerabilities from Common Vulnerabilities and Exposures (CVE), and conduct a comprehensive analysis of the trend, classifications, causes, severity, and impact. Finally, we obtained some findings: 1) From 1999 to 2021, the number of concurrency vulnerabilities disclosures show an overall upward trend. 2) In the distribution of concurrency vulnerability, race condition accounts for the largest proportion. 3) The overall severity of concurrency vulnerabilities is medium risk. 4) The number of concurrency vulnerabilities that can be exploited for local access and network access is almost equal, and nearly half of the concurrency vulnerabilities (377/839) can be accessed remotely. 5) The access complexity of 571 concurrency vulnerabilities is medium, and the number of concurrency vulnerabilities with high or low access complexity is almost equal. The results obtained through the empirical study can provide more support and guidance for research in the field of concurrency vulnerabilities.

We show that a new type of dielectric cavity featuring deep sub-wavelength light confinement allows a significant speedup of all-optical signal processing functionalities, without compromising the energy efficiency. The effect is due to enhanced diffusion dynamics in an unconventional geometry.

We propose a methodology for the simulation of electrostatic confinement wells in transistors at cryogenic temperatures. This is considered in the context of 22-nm fully depleted silicon-on-insulator transistors due to their potential for imple-menting quantum bits in scalable quantum computing systems. To overcome thermal fluctuations and improve decoherence times in most quantum bit implementations, they must be operated at cryogenic temperatures. We review the dominant sources of electric field at these low temperatures, including material interface work function differences and trapped interface charges. Intrinsic generation and dopant ionisation are shown to be negligible at cryogenic temperatures when using a mode of operation suitable for confinement. We propose studying cryogenic electrostatic confinement wells in transistors using a finite-element model simulation, and decoupling carrier transport generated fields.

Controller Area Network with Flexible Data-rate(CAN FD) has the advantages of high bandwidth and data field length to meet the higher communication requirements of parallel in-vehicle applications. If the CAN FD lacking the authentication security mechanism is used, it is easy to make it suffer from masquerade attack. Therefore, a two-stage method based on message authentication is proposed to enhance the security of it. In the first stage, an anti-exhaustive message exchange and comparison algorithm is proposed. After exchanging the message comparison sequence, the lower bound of the vehicle application and redundant message space is obtained. In the second stage, an enhanced round accumulation algorithm is proposed to enhance security, which adds Message Authentication Codes(MACs) to the redundant message space in a way of fewer accumulation rounds. Experimental examples show that the proposed two-stage approach enables both small-scale and large-scale parallel in-vehicle applications security to be enhanced. Among them, in the Adaptive Cruise Control Application(ACCA), when the laxity interval is 1300μs, the total increased MACs is as high as 388Bit, and the accumulation rounds is as low as 40 rounds.

This paper presents a case study for designing and implementing a secure communication protocol over a Controller Area Network (CAN). The CAN based protocol uses a hybrid encryption method on a relatively simple hardware / software environment. Moreover, the blockchain technology is proposed as a working solution to provide an extra secure level of the proposed system.

Conversational Intelligent Tutoring Systems (CITS) in learning environments are capable of providing personalized instruction to students in different domains, to improve the learning process. This interaction between the Intelligent Tutoring System (ITS) and the user is carried out through dialogues in natural language. In this study, we use an open source framework called Rasa to adapt the original button-based user interface of an algebraic/arithmetic word problem-solving ITS to one based primarily on the use of natural language. We conducted an empirical study showing that once properly trained, our conversational agent was able to recognize the intent related to the content of the student’s message with an average accuracy above 0.95.

In recent years, business environments are undergoing disruptive changes across sectors [1]. Globalization and technological advances, such as artificial intelligence and the internet of things, have completely redesigned business activities, bringing to light an ever-increasing interest and attention towards the customer [2], especially in healthcare sector. In this context, researchers is paying more and more attention to the introduction of new technologies capable of meeting the patients’ needs [3, 4] and the Covid-19 pandemic has contributed and still contributes to accelerate this phenomenon [5]. Therefore, emerging technologies (i.e., AI-enabled solutions, service robots, conversational agents) are proving to be effective partners in improving medical care and quality of life [6]. Conversational agents, often identified in other ways as “chatbots”, are AI-enabled service robots based on the use of text [7] and capable of interpreting natural language and ensuring automation of responses by emulating human behavior [8, 9, 10]. Their introduction is linked to help institutions and doctors in the management of their patients [11, 12], at the same time maintaining the negligible incremental costs thanks to their virtual aspect [13–14]. However, while the utilization of these tools has significantly increased during the pandemic [15, 16, 17], it is unclear what benefits they bring to service delivery. In order to identify their contributions, there is a need to find out which activities can be supported by conversational agents.This paper takes a grounded approach [18] to achieve contextual understanding design and to effectively interpret the context and meanings related to conversational agents in healthcare interactions. The study context concerns six chatbots adopted in the healthcare sector through semi-structured interviews conducted in the health ecosystem. Secondary data relating to these tools under consideration are also used to complete the picture on them. Observation, interviewing and archival documents [19] could be used in qualitative research to make comparisons and obtain enriched results due to the opportunity to bridge the weaknesses of one source by compensating it with the strengths of others. Conversational agents automate customer interactions with smart meaningful interactions powered by Artificial Intelligence, making support, information provision and contextual understanding scalable. They help doctors to conduct the conversations that matter with their patients. In this context, conversational agents play a critical role in making relevant healthcare information accessible to the right stakeholders at the right time, defining an ever-present accessible solution for patients’ needs. In summary, conversational agents cannot replace the role of doctors but help them to manage patients. By conveying constant presence and fast information, they help doctors to build close relationships and trust with patients.

Artificial intelligence (AI) and machine learning (ML) have been used in transforming our environment and the way people think, behave, and make decisions during the last few decades [1]. In the last two decades everyone connected to the Internet either an enterprise or individuals has become concerned about the security of his/their computational resources. Cybersecurity is responsible for protecting hardware and software resources from cyber attacks e.g. viruses, malware, intrusion, eavesdropping. Cyber attacks either come from black hackers or cyber warfare units. Artificial intelligence (AI) and machine learning (ML) have played an important role in developing efficient cyber security tools. This paper presents Latest Cyber Security Tools Based on Machine Learning which are: Windows defender ATP, DarckTrace, Cisco Network Analytic, IBM QRader, StringSifter, Sophos intercept X, SIME, NPL, and Symantec Targeted Attack Analytic.

Scanning Transmission Electron Microscopy (STEM) offers high-resolution images that are used to quantify the nanoscale atomic structure and composition of materials and biological specimens. In many cases, however, the resolution is limited by the electron beam damage, since in traditional STEM, a focused electron beam scans every location of the sample in a raster fashion. In this paper, we propose a scanning method based on the theory of Compressive Sensing (CS) and subsampling the electron probe locations using a line hop sampling scheme that significantly reduces the electron beam damage. We experimentally validate the feasibility of the proposed method by acquiring real CS-STEM data, and recovering images using a Bayesian dictionary learning approach. We support the proposed method by applying a series of masks to fully-sampled STEM data to simulate the expectation of real CS-STEM. Finally, we perform the real data experimental series using a constrained-dose budget to limit the impact of electron dose upon the results, by ensuring that the total electron count remains constant for each image.

Communication systems across a variety of applications are increasingly using the angular domain to improve spectrum management. They require new sensing architectures to perform energy-efficient measurements of the electromagnetic environment that can be deployed in a variety of use cases. This paper presents the Directional Spectrum Sensor (DSS), a compressive sampling (CS) based analog-to-information converter (CS-AIC) that performs spectrum scanning in a focused beam. The DSS offers increased spectrum sensing sensitivity and interferer tolerance compared to omnidirectional sensors. The DSS implementation uses a multi-antenna beamforming architecture with local oscillators that are modulated with pseudo random waveforms to obtain CS measurements. The overall operation, limitations, and the influence of wideband angular effects on the spectrum scanning performance are discussed. Measurements on an experimental prototype are presented and highlight improvements over single antenna, omnidirectional sensing systems.

A weather radar is expected to provide information about weather conditions in real time and valid. To obtain these results, weather radar takes a lot of data samples, so a large amount of data is obtained. Therefore, the weather radar equipment must provide bandwidth for a large capacity for transmission and storage media. To reduce the burden of data volume by performing compression techniques at the time of data acquisition. Compressive Sampling (CS) is a new data acquisition method that allows the sampling and compression processes to be carried out simultaneously to speed up computing time, reduce bandwidth when passed on transmission media, and save storage media. There are three stages in the CS method, namely: sparsity transformation using the Discrete Cosine Transform (DCT) algorithm, sampling using a measurement matrix, and reconstruction using the Orthogonal Matching Pursuit (OMP) algorithm. The sparsity transformation aims to convert the representation of the radar signal into a sparse form. Sampling is used to extract important information from the radar signal, and reconstruction is used to get the radar signal back. The data used in this study is the real data of the IDRA beat signal. Based on the CS simulation that has been done, the best PSNR and RMSE values are obtained when using a CR value of two times, while the shortest computation time is obtained when using a CR value of 32 times. CS simulation in a sector via DCT using the CR value two times produces a PSNR value of 20.838 dB and an RMSE value of 0.091. CS simulation in a sector via DCT using the CR value 32 times requires a computation time of 10.574 seconds.

With memory safety and security issues continuing to plague modern systems, security is rapidly becoming a first class priority in new architectures and competes directly with performance and power efficiency. The capability-based architecture model provides a promising solution to many memory vulnerabilities by replacing plain addresses with capabilities, i.e., addresses and related metadata. A key advantage of the capability model is compatibility with existing code bases. Capabilities can be implemented transparently to a programmer, i.e., without source code changes. Capabilities leverage semantics in source code to describe access permissions but require customized compilers to translate the semantics to their binary equivalent.In this work, we introduce a complete capabilityaware compiler toolchain for such secure architectures. We illustrate the compiler construction with a RISC-V capability-based architecture, called Zeno. As a securityfocused, large-scale, global shared memory architecture, Zeno implements a Namespace-based capability model for accesses. Namespace IDs (NSID) are encoded with an extended addressing model to associate them with access permission metadata elsewhere in the system. The NSID extended addressing model requires custom compiler support to fully leverage the protections offered by Namespaces. The Zeno compiler produces code transparently to the programmer that is aware of Namespaces and maintains their integrity. The Zeno assembler enables custom Zeno instructions which support secure memory operations. Our results show that our custom toolchain moderately increases the binary size compared to nonZeno compilation. We find the minimal overhead incurred by the additional NSID management instructions to be an acceptable trade-off for the memory safety and security offered by Zeno Namespaces.

Cognitive Radio (CR) is an attractive solution in mobile communication for solving the spectrum scarcity problem. Moreover, security concerns are not yet fully satisfied. This article focuses on attacks such as the Primary user emulation attack (PUE) and the jammer attack. These attacks create anomalous spectrum access thereby disturbing the dynamic spectrum usage in the CR networks. A framework based on cross-layer has been designed effectively to determine these attacks in the CR networks. First, each secondary user will sense the spectrum in the physical layer and construct a feature space. Using the extracted features, the clusters are formed effectively for each user. In the network layer, multipath routing is employed to discover the routes for the secondary user. If the node in the path identifies any spectrum shortage, it will verify that location with the help of constructed cluster. If the node does not belong to any of the clusters, then it will be identified as the attacker node. Simulation results and security analysis are performed using the NS2 simulations, which show improvement in detection of the attacks, decrease in the detection delay, and less route dis-connectivity. The proposed cross-layer framework identifies the anomalous spectrum access attack effectively.

There has been a significant rise in the use of wireless sensor networks (WSNs) in the past few years. It is evident that WSNs operate in unlicensed spectrum bands [1]. But due to the increasing usage in unlicensed spectrum band this band is getting overcrowded. The recent development of cognitive radio technology [2, 3] has made possible the utilization of licensed spectrum band in an opportunistic manner. This paper studies an introduction to Cognitive Radio Technology, Cognitive Radio Wireless Sensor Networks, its Advantages & Challenges, Cognitive Radio Technology Applications and a comparative analysis of node clustering techniques in CWSN.

IoT connects a large number of physical objects with the Internet that capture and exchange real-time information for service provisioning. Traditional network management schemes face challenges to manage vast amounts of network traffic generated by IoT services. Software-defined networking (SDN) and information-centric networking (ICN) are two complementary technologies that could be integrated to solve the challenges of different aspects of IoT service provisioning. ICN offers a clean-slate design to accommodate continuously increasing network traffic by considering content as a network primitive. It provides a novel solution for information propagation and delivery for large-scale IoT services. On the other hand, SDN allocates overall network management responsibilities to a central controller, where network elements act merely as traffic forwarding components. An SDN-enabled network supports ICN without deploying ICN-capable hardware. Therefore, the integration of SDN and ICN provides benefits for large-scale IoT services. This article provides a comprehensive survey on software-defined information-centric Internet of Things (SDIC-IoT) for IoT service provisioning. We present critical enabling technologies of SDIC-IoT, discuss its architecture, and describe its benefits for IoT service provisioning. We elaborate on key IoT service provisioning requirements and discuss how SDIC-IoT supports different aspects of IoT services. We define different taxonomies of SDIC-IoT literature based on various performance parameters. Furthermore, we extensively discuss different use cases, synergies, and advances to realize the SDIC-IoT concept. Finally, we present current challenges and future research directions of IoT service provisioning using SDIC-IoT.